ID: 28461 Comment by: hewei at ied dot org dot cn Reported By: xanthor at xanthor dot tk Status: Feedback Bug Type: PCRE related Operating System: Linux, WindowsXP© PHP Version: 4.3.8; 4.3.9RC1, 5.0.1 New Comment:
preg_match("/(((?<!aaa).)*)(?<!aaa)aaa/",str_repeat(' ',10882).'aaa',$z); crashes PHP4.3.9RC2 But not on php-4.3.2-11.1.ent (WBEL 3.0), the length to trigger segmentation fault is about 19230. The most funny thing is that the more closer to the limit, the more likely you will get a random segmentation fault. Not only the above pattern will cause the error, preg_match("/^( )*$/",str_repeat(' ',19250)); will too. Previous Comments: ------------------------------------------------------------------------ [2004-09-10 12:49:48] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php5-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php5.0-win32-latest.zip I couldn't reproduce any of the crashes. ------------------------------------------------------------------------ [2004-08-23 11:24:50] xanthor at xanthor dot tk Updating version : I've found an other expression which segfaults also PHP 5 : preg_match("/^((?<!a).)*/",str_repeat('b',21236),$z); ------------------------------------------------------------------------ [2004-07-19 11:11:33] xanthor at xanthor dot tk The bug is still here with PHP 4.3.8 ------------------------------------------------------------------------ [2004-05-21 11:17:44] xanthor at xanthor dot tk No it isn't fixed : with 2236+3 chars it works, but when we increase this number we manage to have an other segmentation fault. (The new limit seems to be 2247+3) ------------------------------------------------------------------------ [2004-05-21 01:13:19] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/28461 -- Edit this bug report at http://bugs.php.net/?id=28461&edit=1